<html>
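<div id="loading">
<!-- Placeholder shown while the key table is produced; hideLoading() empties it at the end of the page. -->
<img src="images/loading.gif" alt="">  Please wait a second ...
</div>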
<script>
/**
 * Empty the element with id "loading" so the "Please wait" placeholder
 * disappears. Throws if no such element exists in the document.
 */
function hideLoading()
{
  document.getElementById('loading').innerHTML = '';
}
/**
 * Empty the element with id "keys", removing the rendered key table from
 * view. Throws if no such element exists in the document.
 */
function hideKeys()
{
  document.getElementById('keys').innerHTML = '';
}
</script>

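<?php
// Page controller: prints the token ID and AES secret of the Yubikeys named in
// the 'ids' request value, for the client stored in the session.
require_once '../yubiphpbase/appinclude.php';
require_once '../yubiphpbase/yubi_lib.php';
include 'head.htm';

// Authentication gate: no key material is produced without a logged-in user id.
if (($usrid = getUsrIdFromSession()) <= 0) {
	echo TIMEDOUT;
	exit;
}

// 'ids' is a newline-separated list supplied by the request; 'idtype' selects
// how each entry is interpreted by showKey().
// NOTE(review): the default 'keyids' matches neither 'keyid' nor 'tokid', the
// two values showKey() accepts, so a request without idtype lists nothing.
// Confirm this is intended.
$idstr = getHttpVal('ids', '');
$idtype = getHttpVal('idtype', 'keyids');

// Both values are request-controlled and 'ids' is multi-line by design. Make
// line breaks visible instead of writing them raw, so that one request cannot
// add lines to the log that look like separate entries.
$lineBreaks = array("\r", "\n");
$shownAs = array('\r', '\n');
writeLog('idstr='.str_replace($lineBreaks, $shownAs, $idstr).
	' idtype='.str_replace($lineBreaks, $shownAs, $idtype));

if ($idtype == 'sn'){
	$_SESSION['alert'] = NOT_YET;
	// NOTE(review): markup above this block and head.htm have already been
	// written, so unless output buffering is enabled elsewhere (not visible
	// here) PHP cannot send this Location header. The session and idtype checks
	// belong before the first byte of output; the same applies to any
	// cache-control header for this response, which carries AES secrets.
	header('Location: index.php');
	exit;
}

if (showClientKeys($_SESSION['client'], $idtype, $idstr) == 0) {
	// Nothing was found: blank the (empty) table and show guidance instead.
 	echo "<script>\n".
			"hideKeys();\n".
		 "</script>\n";
    // The heading is now closed with </h4>; the original emitted a second <h4>,
    // leaving the rest of the page inside the heading.
    echo '<h4>Did you enter the correct IDs? Do you own the keys you are asking secrets for? '.
    	$contactAdm.' if you have questions. '.
    	BACK_AGAIN.'.</h4>';
}
?>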

<p>

<a target=_top href="javascript:expandtab('maintab',0)">Back to My Yubikeys</a>

<?php
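/**
 * Look up one Yubikey and print it as a table row (ID, token ID, AES secret, notes).
 *
 * The token ID and the secret are each printed in three encodings: the stored
 * base64 value, hex and modhex. For callers that are not root admin the query
 * is restricted to rows whose client_id equals $client; that clause is the only
 * ownership check made in this function.
 *
 * @param string $id      Key id (digits only) when $idtype is 'keyid'; a modhex
 *                        string whose first 12 characters are used as the token
 *                        id when $idtype is 'tokid'.
 * @param string $idtype  'keyid' or 'tokid'; any other value returns false.
 * @param mixed  $client  Client id of the caller; used only for non-root users.
 * @param mixed  $toggle  Truthy to give the row a shaded background.
 * @return bool  true if a matching key was printed, false otherwise.
 */
function showKey($id, $idtype, $client, $toggle) {
	$stmt = 'SELECT id, tokenId, secret, notes, client_id FROM yubikeys WHERE ';

	if ($idtype == 'keyid') {
		// $id is concatenated into the statement unquoted, so accept digits
		// only. is_numeric() also lets signed, decimal and exponent forms
		// through, which is more than a row id needs.
		if (!preg_match('/\A[0-9]+\z/', (string)$id)) {
			$_SESSION['alert'] = 'Did you select the right key type?';
			return false;
		}
		$stmt .= ' id='.$id;
	} else if ($idtype == 'tokid') {
		// Only the first 12 characters are used; the converted value goes
		// through the project's mysql_quote() before it reaches the statement.
		$devId = substr($id, 0, 12);
		$stmt .= ' tokenId='.mysql_quote(modhexToB64($devId));
	} else {
		return false;
	}

	if (!isRootAdm()) {
		// This clause is what keeps one client from reading another client's
		// secrets. The value is interpolated unquoted (so client_id is assumed
		// to be an integer column - confirm); fail closed on anything that is
		// not a plain integer rather than building a statement from it.
		if (!preg_match('/\A[0-9]+\z/', (string)$client)) {
			return false;
		}
		$stmt .= ' AND client_id='.$client;
	}
	// NOTE(review): mysql_* is the legacy extension; bound parameters would
	// need mysqli/PDO behind the project's query() helper.
	writeLog($stmt,true);
	$ok = false;

	if ($r = query($stmt)) {

		echo '<tr '.($toggle ? 'bgcolor=#eeeeee' : '').'>';

		if ($row = mysql_fetch_assoc($r)) {

			$secret64 = $row['secret'];
			$secretModhex = b64ToModhex($secret64);
			$secretBin = ModHex::Decode($secretModhex);
			$secretHex = AES128::toHexString($secretBin);

			$tidModhex = b64ToModhex($row['tokenId']);
			$tidBin = ModHex::Decode($tidModhex);
			$tidHex = AES128::toHexString($tidBin);

			// Every value is HTML-escaped on output. 'notes' in particular is
			// free text from the database and must not be able to inject
			// markup into the page that displays the secrets. The charset is
			// left at PHP's default; pass the page charset if it differs.
			echo '<td><font size=2>'.htmlspecialchars($row['id'], ENT_QUOTES).'</td><td><font size=2>'.
				htmlspecialchars($row['tokenId'], ENT_QUOTES).'<br>'.
				htmlspecialchars($tidHex, ENT_QUOTES).'<br>'.
				htmlspecialchars($tidModhex, ENT_QUOTES).'<br>'.
			'</td><td><font size=2>'.
				htmlspecialchars($secret64, ENT_QUOTES).'<br>'.
				htmlspecialchars($secretHex, ENT_QUOTES).'<br>'.
				htmlspecialchars($secretModhex, ENT_QUOTES).
			'</td><td><font size=2>'.
				htmlspecialchars($row['notes'], ENT_QUOTES).'</td>';
			if (isRootAdm()) { // show client for root admin
				// NOTE(review): escaping of the URL and label is left to
				// makePopupURL(), which is defined outside this file.
				echo '<td><font size=2>'.
					makePopupURL('edit_client.php?client='.$row['client_id'],
						$row['client_id'], 500).'</td>';
			}
			$ok = true;
		} else {
			// $idtype and $id come from the request; escape them so the
			// message cannot reflect markup back to the browser.
			echo '<td colspan=9>Secret of Yubikey '.htmlspecialchars($idtype, ENT_QUOTES).': '.
				htmlspecialchars($id, ENT_QUOTES).' is not available for this request!</td>';
			$ok = false;
		}

		// Free the result and close the row only when the query succeeded and
		// the row was opened; the original did both unconditionally, passing
		// false to mysql_free_result() and emitting stray end tags on failure.
		mysql_free_result($r);
		echo '</tr>';
	}

	return $ok;

} // End showKey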

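/**
 * Print a table with one row per requested key and a summary line.
 *
 * $idstr is split on newlines; each non-empty, trimmed entry is handed to
 * showKey(), which prints the row and enforces the per-client restriction.
 * The table is wrapped in <div id="keys"> so the page script can blank it.
 *
 * @param mixed  $client  Client id passed through to showKey().
 * @param string $idtype  ID type passed through to showKey().
 * @param string $idstr   Newline-separated list of IDs from the request.
 * @return int   Number of keys that showKey() reported as printed.
 */
function showClientKeys($client, $idtype, $idstr) {

  $ids = explode("\n", $idstr);
  $n = 0;

  echo '<div id="keys">';
  echo '<table border=0 width=100%><tr bgcolor=#ADFF2F><th><font size=2>ID</th>'.
	'<th><font size=2>TokenID (b64, hex, modhex)</th>'.
	'<th><font size=2>AES Secret Key (b64, hex, modhex)</th><th><font size=2>Notes</th>';
  if (isRootAdm()) { echo '<th><font size=2>Client</th>'; }
  // Close the header row before any data row is written; the original left it open.
  echo '</tr>';

  // NOTE(review): every entry costs one query and the list length is not
  // capped here - confirm a limit is enforced upstream.
  $i = 0;
  foreach ($ids as $id) {
    // trim() also removes the "\r" left behind by CRLF line endings.
    $id = trim($id);
    if (strlen($id) < 1) { continue; }
    // $i counts attempted entries and drives the row shading; $n counts successes.
    if (showKey($id, $idtype, $client, ($i % 2))) {
      $n++;
    }
    $i++;
  }

  // showKey() ends its own rows, so only the table and wrapper are closed here.
  echo '</table>';
  echo '</div>';

  echo '<br><br>Showing '.$n.' key(s)';
  return $n;

} // End showClientKeys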

?>

<script>
// End of page: clear the "Please wait" placeholder. The early exit paths in the
// PHP above stop before this point, so the placeholder stays visible on them.
hideLoading();
</script>
</body>
</html>
